| Titel | chatchat-space Langchain-Chatchat 0.3.1.3 TOCTOU Race Condition / CWE-367 |
|---|
| Beschreibung | A vulnerability was found in chatchat-space Langchain-Chatchat 0.3.1.3. Affected by this vulnerability is the function files() of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py (lines 260–284) of the component OpenAI-Compatible File Upload API. The manipulation of the argument file.filename leads to a time-of-check time-of-use (TOCTOU) race condition. Files are stored using open(path, "wb") at a path derived solely from purpose, date, and filename, with no conflict detection, deduplication, or per-user isolation. A second upload with the same filename silently overwrites the first. Because the Vision LLM fetches images from disk in real-time via GET /v1/files/{id}/content with no content pinning, the LLM may receive an attacker-controlled image instead of the victim's original upload within the race condition window. The attack may be initiated remotely with low privileges in a multi-tenant deployment. The exploit has been disclosed to the public. It is recommended to introduce a random UUID component in the file storage path and implement content pinning at upload time. |
|---|
| Quelle | ⚠️ https://github.com/chatchat-space/Langchain-Chatchat/issues/5463 |
|---|
| Benutzer | Dem00 (UID 84913) |
|---|
| Einreichung | 19.04.2026 10:21 (vor 2 Monaten) |
|---|
| Moderieren | 05.05.2026 12:21 (16 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 361125 [chatchat-space Langchain-Chatchat bis 0.3.1.3 OpenAI-Compatible File Upload API openai_routes.py files file.filename Race Condition] |
|---|
| Punkte | 20 |
|---|